Cisco Cisco Firepower Management Center 2000 Notas de publicación
Firepower System Release Notes
New Features and Functionality
11
Integration with AMP Threat Grid
Cisco’s acquisition of ThreatGrid in June 2014 increased our abilities in helping our customers address advanced
persistent threats, and that technology has now been fully integrated in Firepower v6.0. AMP Threat Grid now
provides our sandboxing capabilities in the cloud when using our AMP for Firepower option. Files sent to the cloud
for dynamic analysis are securely analyzed and correlated against hundreds of millions of other analyzed malware
artifacts to provide a global view of malware attacks, campaigns, and their distribution. Detailed reports identify
key behavioral indicators and determine threat scores for faster prioritization and recovery from advanced attacks.
persistent threats, and that technology has now been fully integrated in Firepower v6.0. AMP Threat Grid now
provides our sandboxing capabilities in the cloud when using our AMP for Firepower option. Files sent to the cloud
for dynamic analysis are securely analyzed and correlated against hundreds of millions of other analyzed malware
artifacts to provide a global view of malware attacks, campaigns, and their distribution. Detailed reports identify
key behavioral indicators and determine threat scores for faster prioritization and recovery from advanced attacks.
In addition, we have greatly expanded the file types we support for automatic dynamic analysis from just
executable files to include PDF and Office documents.
executable files to include PDF and Office documents.
Expanded Management Functionality
Multiple Domain Management
To address the service provider market which must manage separate customer environments, as well as
enterprises with acquisitions (resulting in overlapping IP addresses) or geographic business units that need to be
managed separately, the Firepower Management Center now has the ability to create multiple management
domains. These domains (up to 50) enable separate management environments and are administered using
granular role-based access control (RBAC). Each domain provides separate event data, reporting, and network
maps.
enterprises with acquisitions (resulting in overlapping IP addresses) or geographic business units that need to be
managed separately, the Firepower Management Center now has the ability to create multiple management
domains. These domains (up to 50) enable separate management environments and are administered using
granular role-based access control (RBAC). Each domain provides separate event data, reporting, and network
maps.
Policy Hierarchy and Inheritance
To support multiple domain management and make policy administration more efficient, Version 6.0 provides the
ability to create a hierarchy of policies. Global policies (e.g., access control) can be established that will apply to
all management environments. A policy hierarchy can then be constructed underneath the global policy level to
represent different environments, different companies, different business units, or different parts of the
organization. Each of these policy environments will inherit the policies of the hierarchy above it, allowing for more
consistent and efficient policy management.
ability to create a hierarchy of policies. Global policies (e.g., access control) can be established that will apply to
all management environments. A policy hierarchy can then be constructed underneath the global policy level to
represent different environments, different companies, different business units, or different parts of the
organization. Each of these policy environments will inherit the policies of the hierarchy above it, allowing for more
consistent and efficient policy management.
Expanded ASDM Management Availability
Cisco’s Adaptive Security Device Manager (ASDM) is the local management feature for Cisco ASA with
FirePOWER Services. It was introduced as part of the Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X
appliances. With Firepower v6.0, ASDM is now available on the remaining Cisco ASA with FirePOWER Services
appliances (ASA 5512-X / ASA 5515-X / ASA 5525-X / ASA 5545-X / ASA 5555-X / ASA 5585-X).
FirePOWER Services. It was introduced as part of the Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X
appliances. With Firepower v6.0, ASDM is now available on the remaining Cisco ASA with FirePOWER Services
appliances (ASA 5512-X / ASA 5515-X / ASA 5525-X / ASA 5545-X / ASA 5555-X / ASA 5585-X).
You cannot compare policies on the following pages: the NAT Policy page, the Platform Settings page, and
the SSL Policy page.
the SSL Policy page.
Version 6.0 does not support AMP for Firepower signature lookups with the private AMP cloud. In Version 6.0,
the system automatically submits SHA-256 signatures to the public AMP cloud. If you have a private AMP
cloud and are receiving events from endpoints, the Version 6.0 Firepower Management Center will continue
to receive those events without any additional changes to your configuration.
the system automatically submits SHA-256 signatures to the public AMP cloud. If you have a private AMP
cloud and are receiving events from endpoints, the Version 6.0 Firepower Management Center will continue
to receive those events without any additional changes to your configuration.
Syslog messages for connection events now populate information for the following fields: HTTP Referrer, User
Agent, and Referenced Host.
Agent, and Referenced Host.
Version 6.0 does not support Discovery Event Health Monitoring.)
You can now edit Automatic Application Bypass (AAB) settings on Cisco ASA with FirePOWER Services.